Allow dropping privs on platforms without setresuid()

.gitignore

@@ -0,0 +1,2 @@
+*.o
+vger

configure

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+OS="$(uname -s)"
+
+case "$OS" in
+	Linux)
+		EXTRAFLAGS=-lbsd
+		;;
+	*)
+		EXTRAFLAGS=""
+		;;
+esac
+
+echo "EXTRAFLAGS=${EXTRAFLAGS}" > config.mk

main.c

@@ -20,57 +20,78 @@
 #include "opts.h"
 #include "utils.h"
 
+/* length of "gemini://" */
 #define GEMINI_PART	 9
-/* 2014 + 1
- * see https://gemini.circumlunar.space/docs/specification.html.
- * fgets() reads at most size-1 (1024 here)
+
+/*
+ * number of bytes to read with fgets() : 2014 + 1.
+ * fgets() reads at most size-1 (1024 here).
+ * See https://gemini.circumlunar.space/docs/specification.html.
  */
 #define GEMINI_REQUEST_MAX 1025
 
-int virtualhost;
-
-void        autoindex(const char *);
-void        cgi(const char *cgicmd);
+void 		autoindex(const char *);
+void 		cgi      (const char *cgicmd);
 void 		display_file(const char *);
-void 		status(const int, const char *);
-void		status_redirect(const int, const char *);
-void		status_error(const int, const char*);
 void 		drop_privileges(const char *, const char *);
-int         uridecode(char *);
+void 		echdir   (const char *);
+void 		status   (const int, const char *);
+void 		status_redirect(const int, const char *);
+void 		status_error(const int, const char *);
+int 		uridecode (char *);
+
+
+void
+echdir(const char *path)
+{
+	if (chdir(path) == -1) {
+		switch (errno) {
+		case ENOTDIR:	/* FALLTHROUGH */
+		case ENOENT:
+			status_error(51, "file not found");
+			break;
+		case EACCES:
+			status_error(50, "Forbidden path");
+			break;
+		default:
+			status_error(50, "Internal server error");
+			break;
+		}
+		errlog("failed to chdir(%s)", path);
+	}
+}
 
 int
 uridecode(char *uri)
 {
-    int n = 0;
-    char c = '\0';
-	long l = 0;
-    char *pos = NULL;
+	int 		n = 0;
+	char 		c = '\0';
+	long 		l = 0;
+	char           *pos = NULL;
 
-    if ((pos = strchr(uri, '%')) == NULL) {
-        return n;
-    }
-    while ((pos = strchr(pos, '%')) != NULL) {
-        if (strlen(pos) < 3) {
-            return n;
-        }
+	if ((pos = strchr(uri, '%')) == NULL)
+	    return n;
 
-        char hex[3] = {'\0'};
-        for (size_t i=0; i < 2; i++) {
-            hex[i] = tolower(pos[i+1]);
-        }
-        errno = 0;
-        l = strtol(hex, 0, 16);
-        if (errno == ERANGE && (l == LONG_MAX || l == LONG_MIN)) {
-            /* conversion failed */
-            continue;
-        }
-        c = (char)l;
-        pos[0] = c;
-        /* rewind of two char to remove %hex */
-        memmove(pos+1 , pos + 3, strlen(pos+3) + 1); /* +1 for \0*/
-        n++;
-        pos++; /* avoid infinite loop */
-    }
+	while ((pos = strchr(pos, '%')) != NULL) {
+		if (strlen(pos) < 3)
+		    return n;
+
+		char 		hex[3] = {'\0'};
+		for (size_t i = 0; i < 2; i++)
+		    hex[i] = tolower(pos[i + 1]);
+
+		errno = 0;
+		l = strtol(hex, 0, 16);
+		if (errno == ERANGE && (l == LONG_MAX || l == LONG_MIN))
+		    continue;	/* conversion failed */
+
+		c = (char)l;
+		pos[0] = c;
+		/* rewind of two char to remove %hex */
+		memmove(pos + 1, pos + 3, strlen(pos + 3) + 1);	/* +1 for \0 */
+		n++;
+		pos++;		/* avoid infinite loop */
+	}
 	return n;
 }
 
@@ -78,7 +99,6 @@ void
 drop_privileges(const char *user, const char *path)
 {
 	struct passwd  *pw;
-	int    chrooted = 0;
 
 	/*
 	 * use chroot() if an user is specified requires root user to be
@@ -87,69 +107,68 @@ drop_privileges(const char *user, const char *path)
 	if (strlen(user) > 0) {
 
 		/* is root? */
-		if (getuid() != 0) {
-			errlog("chroot requires program to be run as root");
-		}
+		if (getuid() != 0)
+		    errlog("chroot requires program to be run as root");
+
 		/* search user uid from name */
-		if ((pw = getpwnam(user)) == NULL) {
-			errlog("the user %s can't be found on the system", user);
-		}
+		if ((pw = getpwnam(user)) == NULL)
+		    errlog("the user %s can't be found on the system", user);
+
 		/* chroot worked? */
-		if (chroot(path) != 0) {
-			errlog("the chroot_dir %s can't be used for chroot", path);
-		}
+		if (chroot(path) != 0)
+		    errlog("the chroot_dir %s can't be used for chroot", path);
+
 		chrooted = 1;
-		if (chdir("/") == -1) {
-			errlog("failed to chdir(\"/\")");
-		}
+		echdir("/");
 		/* drop privileges */
+#if defined (__OpenBSD__) || defined(__FreeBSD__)
 		if (setgroups(1, &pw->pw_gid) ||
 		    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
 		    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
 			errlog("dropping privileges to user %s (uid=%i) failed",
 			       user, pw->pw_uid);
 		}
-
-		/* base directory is now / */
-                estrlcpy(chroot_dir, "/", sizeof(chroot_dir));
+#else
+		if (setgroups(1, &pw->pw_gid) ||
+		    setgid(pw->pw_gid) ||
+		    setuid(pw->pw_uid)) {
+			errlog("dropping privileges to user %s (uid=%i) failed",
+			       user, pw->pw_uid);
+		}
+#endif
 	}
 #ifdef __OpenBSD__
 	/*
 	 * prevent access to files other than the one in path
 	 */
-	if (chrooted) {
-		eunveil("/", "r");
-	} else {
-		eunveil(path, "r");
-	}
-	/* permission to execute what's inside cgipath */
-	if (strlen(cgibin) > 0) {
-		/* first, build the full path of cgi (not in chroot) */
-		char cgifullpath[PATH_MAX] = {'\0'};
-		estrlcpy(cgifullpath, path, sizeof(cgifullpath));
-		estrlcat(cgifullpath, cgibin, sizeof(cgifullpath));
+	if (chrooted)
+	    eunveil("/", "r");
+	else
+	    eunveil(path, "r");
 
-		eunveil(cgifullpath, "rx");
-	}
+	/* permission to execute what's inside cgidir */
+	if (strlen(cgidir) > 0)
+	    eunveil(cgidir, "rx");
 
-	/*
-	 * prevent system calls other parsing queryfor fread file and
-	 * write to stdio
-	 */
-	if (strlen(cgibin) > 0) {
-		/* cgi need execlp() (exec) */
-		epledge("stdio rpath exec", NULL);
-	} else {
-		epledge("stdio rpath", NULL);
-	}
+	eunveil(NULL, NULL);	/* no more call to unveil() */
+
+	/* promise permissions */
+	if (strlen(cgidir) > 0)
+	    epledge("stdio rpath exec", NULL);
+	else
+	    epledge("stdio rpath", NULL);
 #endif
+	if (!chrooted)
+	    echdir(path);	/* move to the gemini data directory */
 }
 
 void
 status(const int code, const char *file_mime)
 {
-	printf("%i %s; %s\r\n",
-	       code, file_mime, lang);
+	if (strcmp(file_mime, "text/gemini") == 0)
+	    printf("%i %s; %s\r\n", code, file_mime, lang);
+	else
+	    printf("%i %s\r\n", code, file_mime);
 }
 
 void
@@ -163,122 +182,101 @@ void
 status_error(const int code, const char *reason)
 {
 	printf("%i %s\r\n",
-		code, reason);
+	       code, reason);
 }
 
 void
-display_file(const char *uri)
+display_file(const char *fname)
 {
-	FILE		*fd = NULL;
-	struct stat	 sb = {0};
-	ssize_t		 nread = 0;
-	const char	*file_mime;
-	char		*buffer[BUFSIZ];
-	char		target[FILENAME_MAX] = {'\0'};
-	char		fp[PATH_MAX] = {'\0'};
-	char        tmp[PATH_MAX] = {'\0'}; /* used to build temporary path */
+	FILE           *fd = NULL;
+	struct stat 	sb = {0};
+	ssize_t 	nread = 0;
+	const char     *file_mime;
+	char           *buffer[BUFSIZ];
+	char 		target[FILENAME_MAX] = {'\0'};
+	char 		tmp[PATH_MAX] = {'\0'};	/* used to build
+						 * temporary path */
 
-	/* build file path inside chroot */
-	estrlcpy(fp, chroot_dir, sizeof(fp));
-	estrlcat(fp, uri, sizeof(fp));
-
-	/* this is to check if path exists and obtain metadata later */
-	if (stat(fp, &sb) == -1) {
-
-		/* check if fp is a symbolic link
-		 * if so, redirect using its target */
-		if (lstat(fp, &sb) != -1 && S_ISLNK(sb.st_mode) == 1)
-		goto redirect;
-		else
-		goto err;
-	}
-
-	/* check if directory */
-	if (S_ISDIR(sb.st_mode) != 0) {
-		if (fp[strlen(fp) -1 ] != '/') {
-			/* no ending "/", redirect to "path/" */
-			if (virtualhost)
-				estrlcat(tmp, "gemini://", sizeof(tmp));
-			estrlcat(tmp, uri,  sizeof(tmp));
-			estrlcat(tmp, "/", sizeof(tmp));
-			status_redirect(31, tmp);
+	/*
+	 * special case : fname empty. The user requested just the directory
+	 * name
+	 */
+	if (strlen(fname) == 0) {
+		if (stat("index.gmi", &sb) == 0) {
+			/* there is index.gmi in the current directory */
+			display_file("index.gmi");
+			return;
+		} else if (doautoidx) {
+			/* no index.gmi, so display autoindex if enabled */
+			autoindex(".");
 			return;
-
 		} else {
-			/* there is a leading "/", display index.gmi */
-			estrlcpy(tmp, fp, sizeof(tmp));
-			estrlcat(tmp, "index.gmi", sizeof(tmp));
-
-			/* check if index.gmi exists or show autoindex */
-			if (stat(tmp, &sb) == 0) {
-				estrlcpy(fp, tmp, sizeof(fp));
-			} else if (doautoidx != 0) {
-				autoindex(fp);
-				return;
-			} else {
-				goto err;
-			}
+			goto err;
 		}
 	}
-
+	/* this is to check if path exists and obtain metadata later */
+	if (stat(fname, &sb) == -1) {
+		/*
+		 * check if fname is a symbolic link if so, redirect using
+		 * its target
+		 */
+		if (lstat(fname, &sb) != -1 && S_ISLNK(sb.st_mode) == 1)
+		    goto redirect;
+		else
+		    goto err;
+	}
+	/* check if directory */
+	if (S_ISDIR(sb.st_mode) != 0) {
+		/* no ending "/", redirect to "fname/" */
+		estrlcpy(tmp, fname, sizeof(tmp));
+		estrlcat(tmp, "/", sizeof(tmp));
+		status_redirect(31, tmp);
+		return;
+	}
 	/* open the file requested */
-	if ((fd = fopen(fp, "r")) == NULL) { goto err; }
+	if ((fd = fopen(fname, "r")) == NULL)
+	    goto err;
 
-	file_mime = get_file_mime(fp, default_mime);
+	file_mime = get_file_mime(fname, default_mime);
 
 	status(20, file_mime);
 
 	/* read the file byte after byte in buffer and write it to stdout */
 	while ((nread = fread(buffer, 1, sizeof(buffer), fd)) != 0)
 		fwrite(buffer, 1, nread, stdout);
-	goto closefd;
-	syslog(LOG_DAEMON, "path served %s", fp);
+	goto closefd;		/* close file descriptor */
+	syslog(LOG_INFO, "path served %s", fname);
 
 	return;
 
 err:
 	/* return an error code and no content */
 	status_error(51, "file not found");
-	syslog(LOG_DAEMON, "path invalid %s", fp);
+	syslog(LOG_INFO, "path invalid %s", fname);
 	goto closefd;
 
 redirect:
 	/* read symbolic link target to redirect */
-	if (readlink(fp, target, FILENAME_MAX) == -1) {
-		goto err;
-	}
+	if (readlink(fname, target, FILENAME_MAX) == -1)
+	    goto err;
 
 	status_redirect(30, target);
-	syslog(LOG_DAEMON, "redirection from %s to %s", fp, target);
+	syslog(LOG_INFO, "redirection from %s to %s", fname, target);
 
 closefd:
-	if (S_ISREG(sb.st_mode) != 0) {
-		fclose(fd);
-	}
+	if (S_ISREG(sb.st_mode) != 0)
+	    fclose(fd);
 }
 
 void
 autoindex(const char *path)
 {
-	int n = 0;
-	char *pos = NULL;
-	struct dirent **namelist; /* this must be freed at last */
+	/* display liks to files in path + a link to parent (..) */
 
-	syslog(LOG_DAEMON, "autoindex: %s", path);
+	int 		n = 0;
+	struct dirent **namelist;	/* this must be freed at last */
 
-	/* display link to parent */
-	char parent[PATH_MAX] = {'\0'};
-	/* parent is "path" without chroot_dir */
-	estrlcpy(parent, path+strlen(chroot_dir), sizeof(parent));
-	/* remove ending '/' */
-	while (parent[strlen(parent)-1] == '/') {
-		parent[strlen(parent)-1] = '\0';
-	}
-	/* remove last part after '/' */
-	pos = strrchr(parent, '/');
-	if (pos != NULL) {
-		pos[1] = '\0'; /* at worse, parent is now "/" */
-	}
+	syslog(LOG_INFO, "autoindex: %s", path);
 
 	/* use alphasort to always have the same order on every system */
 	if ((n = scandir(path, &namelist, NULL, alphasort)) < 0) {
@@ -286,19 +284,18 @@ autoindex(const char *path)
 		errlog("Can't scan %s", path);
 	} else {
 		status(20, "text/gemini");
-		printf("=> %s ../\n", parent);
-		for(int j = 0; j < n; j++) {
+		printf("=> .. ../\n");	/* display link to parent */
+		for (int j = 0; j < n; j++) {
 			/* skip self and parent */
 			if ((strcmp(namelist[j]->d_name, ".") == 0) ||
 			    (strcmp(namelist[j]->d_name, "..") == 0)) {
 				continue;
 			}
 			/* add "/" at the end of a directory path */
-			if (namelist[j]->d_type == DT_DIR) {
-				printf("=> ./%s/ %s/\n", namelist[j]->d_name, namelist[j]->d_name);
-			} else {
-				printf("=> ./%s %s\n", namelist[j]->d_name, namelist[j]->d_name);
-			}
+			if (namelist[j]->d_type == DT_DIR)
+			    printf("=> ./%s/ %s/\n", namelist[j]->d_name, namelist[j]->d_name);
+			else
+			    printf("=> ./%s %s\n", namelist[j]->d_name, namelist[j]->d_name);
 			free(namelist[j]);
 		}
 		free(namelist);
@@ -308,10 +305,11 @@ autoindex(const char *path)
 void
 cgi(const char *cgicmd)
 {
-	execlp(cgicmd, cgicmd, NULL);
-	/* if execlp is ok, this will never be reached */
+	/* run cgicmd replacing current process */
+	execl(cgicmd, cgicmd, NULL);
+	/* if execl is ok, this will never be reached */
 	status(42, "Couldn't execute CGI script");
-	errlog("error when trying to execlp %s", cgicmd);
+	errlog("error when trying to execl %s", cgicmd);
 	exit(1);
 }
 
@@ -319,12 +317,26 @@ int
 main(int argc, char **argv)
 {
 	char 		request  [GEMINI_REQUEST_MAX] = {'\0'};
-	char 		hostname [GEMINI_REQUEST_MAX] = {'\0'};
-	char 		uri      [PATH_MAX]           = {'\0'};
 	char 		user     [_SC_LOGIN_NAME_MAX] = "";
-	char        query[PATH_MAX]               = {'\0'};
+	char 		hostname [GEMINI_REQUEST_MAX] = {'\0'};
+	char 		query    [PATH_MAX] = {'\0'};
+	char 		chroot_dir[PATH_MAX] = DEFAULT_CHROOT;
+	char 		file     [FILENAME_MAX] = DEFAULT_INDEX;
+	char 		dir      [PATH_MAX] = {'\0'};
+	char           *pos = NULL;
 	int 		option = 0;
-	char        *pos = NULL;
+	int 		virtualhost = 0;
+	int 		docgi = 0;
+
+	/*
+	 * request : contain the whole request from client : gemini://...\r\n
+	 * user : username, used in drop_privileges()
+	 * hostname : extracted from hostname. used with virtualhosts and cgi SERVER_NAME
+	 * query : file requested in cgi : gemini://...?query
+	 * file : file basename to display. Emtpy is a directory has been requested
+	 * dir : directory requested. vger will chdir() in to find file
+	 * pos : used to parse request and split into interesting parts
+	 */
 
 	while ((option = getopt(argc, argv, ":d:l:m:u:c:vi")) != -1) {
 		switch (option) {
@@ -342,7 +354,8 @@ main(int argc, char **argv)
 			estrlcpy(user, optarg, sizeof(user));
 			break;
 		case 'c':
-			estrlcpy(cgibin, optarg, sizeof(cgibin));
+			estrlcpy(cgidir, optarg, sizeof(cgidir));
+			docgi = 1;
 			break;
 		case 'v':
 			virtualhost = 1;
@@ -352,15 +365,20 @@ main(int argc, char **argv)
 			break;
 		}
 	}
+	/*
+	 * set logging options and defaults
+	 */
+	openlog("vger", LOG_PID, LOG_DAEMON);
 
 	/*
-	 * do chroot if an user is supplied run pledge/unveil if OpenBSD
+	 * do chroot if an user is supplied
 	 */
 	drop_privileges(user, chroot_dir);
 
 	/*
 	 * read 1024 chars from stdin
 	 * to get the request
+	 * (actually 1024 + \0)
 	 */
 	if (fgets(request, GEMINI_REQUEST_MAX, stdin) == NULL) {
 		/* EOF reached before reading anything */
@@ -368,19 +386,17 @@ main(int argc, char **argv)
 			status(59, "request is too short and probably empty");
 			errlog("request is too short and probably empty");
 
-		/* error before reading anything */
+			/* error before reading anything */
 		} else if (ferror(stdin)) {
 			status(59, "Error while reading request");
 			errlog("Error while reading request: %s", request);
 		}
 	}
-
 	/* check if string ends with '\n', or to long */
 	if (request[strnlen(request, GEMINI_REQUEST_MAX) - 1] != '\n') {
 		status(59, "request is too long (1024 max)");
 		errlog("request is too long (1024 max): %s", request);
 	}
-
 	/* remove \r\n at the end of string */
 	pos = strchr(request, '\r');
 	if (pos != NULL)
@@ -395,95 +411,116 @@ main(int argc, char **argv)
 		errlog("request «%s» doesn't match gemini://",
 		       request);
 	}
-	syslog(LOG_DAEMON, "request %s", request);
+	syslog(LOG_INFO, "request %s", request);
 
 	/* remove the gemini:// part */
-	memmove(request, request + GEMINI_PART, strlen(request) +1 - GEMINI_PART);
+	memmove(request, request + GEMINI_PART, strlen(request) + 1 - GEMINI_PART);
 
 	/* remove all "/.." for safety reasons */
-    while ((pos = strstr(request, "/..")) != NULL ) {
-		memmove(request, pos+3, strlen(pos) +1 - 3); /* "/.." = 3 */
-	}
+	while ((pos = strstr(request, "/..")) != NULL)
+	    memmove(request, pos + 3, strlen(pos) + 1 - 3);	/* "/.." = 3 */
 
-	/*
-	 * look for the first / after the hostname
-	 * in order to split hostname and uri
-	 */
+	/* look for hostname in request : first thing before first / if any */
 	pos = strchr(request, '/');
-
 	if (pos != NULL) {
-		/* if there is a / found */
-		/* separate hostname and uri */
-		estrlcpy(uri, pos, strlen(pos)+1);
-		/* just keep hostname in request */
+		/* copy what's after hostname in dir */
+		estrlcpy(dir, pos, strlen(pos) + 1);
+		/* just keep hostname in request : stop the string with \0 */
 		pos[0] = '\0';
 	}
-	/* check if client added :port at end of request */
+	/* check if client added :port at end of hostname and remove it */
 	pos = strchr(request, ':');
 	if (pos != NULL) {
-	/* end string at :*/
-	pos[0] = '\0';
+		/* end string at : */
+		pos[0] = '\0';
 	}
 	/* copy hostname from request */
 	estrlcpy(hostname, request, sizeof(hostname));
 
-	/* look for "?" if any to set query for cgi, or remove it*/
-	pos = strchr(uri, '?');
-	if (pos != NULL) {
-		estrlcpy(query, pos+1, sizeof(query));
-		esetenv("QUERY_STRING", query, 1);
-		pos[0] = '\0';
+	/* remove leading '/' in dir */
+	while (dir[0] == '/')
+	    memmove(dir, dir + 1, strlen(dir + 1) + 1);
+
+	if (virtualhost) {
+		/* add hostname at the beginning of the dir path */
+		char 		tmp      [PATH_MAX] = {'\0'};
+		estrlcpy(tmp, hostname, sizeof(tmp));
+		estrlcat(tmp, "/", sizeof(tmp));
+		estrlcat(tmp, dir, sizeof(tmp));
+		estrlcpy(dir, tmp, sizeof(dir));
 	}
+	/* percent decode */
+	uridecode(dir);
 
 	/*
-	 * if virtualhost feature is actived looking under the chroot_path +
-	 * hostname directory gemini://foobar/hello will look for
-	 * chroot_path/foobar/hello
+	 * split dir and filename. file is last part after last '/'. if none
+	 * found, then requested file is actually a directory
 	 */
-	if (virtualhost) {
-		if (strlen(uri) == 0) {
-			estrlcpy(uri, "/index.gmi", sizeof(uri));
+	if (strlen(dir) > 0) {
+		pos = strrchr(dir, '/');
+		if (pos != NULL) {
+			estrlcpy(file, pos + 1, sizeof(file));	/* +1 : no leading '/' */
+			pos[0] = '\0';
+
+			/* change directory to requested directory */
+			if (strlen(dir) > 0)
+			    echdir(dir);
+		} else {
+			estrlcpy(file, dir, sizeof(file));
 		}
-		char tmp[PATH_MAX] = {'\0'};
-		estrlcpy(tmp, hostname, sizeof(tmp));
-		estrlcat(tmp, uri, sizeof(tmp));
-		estrlcpy(uri, tmp, sizeof(uri));
 	}
+	if (docgi) {
+		/* check if directory is cgidir */
+		char 		cgifp    [PATH_MAX] = {'\0'};
+		estrlcpy(cgifp, chroot_dir, sizeof(cgifp));
+		if (cgifp[strlen(cgifp) - 1] != '/')
+		    estrlcat(cgifp, "/", sizeof(cgifp));
 
-	/* check if uri is cgibin */
-	if ((strlen(cgibin) > 0) &&
-		(strncmp(uri, cgibin, strlen(cgibin)) == 0)) {
+		estrlcat(cgifp, dir, sizeof(cgifp));
+
+		/* not cgipath, display file content */
+		if (strcmp(cgifp, cgidir) != 0)
+			goto file_to_stdout;
 
-		/* cgipath with chroot_dir at the beginning */
-		char cgipath[PATH_MAX] = {'\0'};
-		estrlcpy(cgipath, chroot_dir, sizeof(cgipath));
-		estrlcat(cgipath, uri, sizeof(cgipath));
 		/* set env variables for CGI */
-		/* see https://lists.orbitalfox.eu/archives/gemini/2020/000315.html */
+		/*
+		 * see
+		 * https://lists.orbitalfox.eu/archives/gemini/2020/000315.htm
+		 * l
+		 */
 		esetenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
 		esetenv("SERVER_PROTOCOL", "GEMINI", 1);
 		esetenv("SERVER_SOFTWARE", "vger/1", 1);
 
+		/* look for "?" if any to set query for cgi, remove it */
+		pos = strchr(file, '?');
+		if (pos != NULL) {
+			estrlcpy(query, pos + 1, sizeof(query));
+			esetenv("QUERY_STRING", query, 1);
+			pos[0] = '\0';
+		}
 		/* look for an extension to find PATH_INFO */
-		pos = strrchr(cgipath, '.');
+		pos = strrchr(file, '.');
 		if (pos != NULL) {
 			/* found a dot */
 			pos = strchr(pos, '/');
 			if (pos != NULL) {
 				setenv("PATH_INFO", pos, 1);
-				pos[0] = '\0'; /* keep only script name */
+				pos[0] = '\0';	/* keep only script name */
 			}
 		}
-		esetenv("SCRIPT_NAME", cgipath, 1);
+		esetenv("SCRIPT_NAME", file, 1);
 		esetenv("SERVER_NAME", hostname, 1);
 
-		cgi(cgipath);
-
-	} else {
-		uridecode(uri);
-		/* open file and send it to stdout */
-		display_file(uri);
+		cgi(file);
+		return 0;
 	}
+file_to_stdout:
+	/* regular file  to stdout */
+	display_file(file);
+
+	/* end logging */
+	closelog();
 
 	return (0);
 }

mimes.c

@@ -5,6 +5,7 @@
 #include "mimes.h"
 #include "opts.h"
 
+/* extension to mimetype table */
 static const struct {
 	const char	*extension;
 	const char	*type;
@@ -124,6 +125,7 @@ get_file_mime(const char *path, const char *default_mime)
 	size_t	 i;
 	char	*extension;
 
+	/* search for extension after last '.' in path */
 	if ((extension = strrchr(path, '.')) == NULL)
 		goto out;
 

opts.h

@@ -1,13 +1,18 @@
 #include <limits.h> /* PATH_MAX */
 
+/* Defaults values */
 #define DEFAULT_MIME	 "application/octet-stream"
 #define DEFAULT_LANG	 ""
 #define DEFAULT_CHROOT	 "/var/gemini"
+#define DEFAULT_INDEX    "index.gmi"
 #define DEFAULT_AUTOIDX  0
 
- /* longest is 56 so 64 should be enough */
+/* 
+ * Options used later
+ */
+/* longest hardcoded mimetype is 56 long so 64 should be enough */
 static char            default_mime[64]     = DEFAULT_MIME;
-static char            chroot_dir[PATH_MAX] = DEFAULT_CHROOT;
 static char            lang[16]             = DEFAULT_LANG;
 static unsigned int    doautoidx            = DEFAULT_AUTOIDX;
-static char            cgibin[PATH_MAX]     = {'\0'};
+static char            cgidir[PATH_MAX]     = {'\0'};
+static int             chrooted             = 0;

shell.nix

@@ -0,0 +1,4 @@
+with (import <nixpkgs> {});
+mkShell {
+    buildInputs = [ gcc libbsd gnumake ];
+}

tests/test.sh

@@ -29,23 +29,23 @@ if ! [ $OUT = "fcc5a293f316e01f7b3103f97eca26b1" ] ; then echo "error" ; exit 1
 
 # redirect to uri with trailing / if directory
 OUT=$(printf "gemini://host.name/subdir\r\n" | ../vger -d var/gemini/ | tee /dev/stderr | MD5)
-if ! [ $OUT = "84e5e7bb3eee0dfcc8db14865dc83e77" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "b0e7e20db5ca7b80918025e7c15a8b02" ] ; then echo "error" ; exit 1 ; fi
 
 # redirect to uri with trailing / if directory and vhost enabled
 OUT=$(printf "gemini://perso.pw/cgi-bin\r\n" | ../vger -vd var/gemini | tee /dev/stderr | MD5)
-if ! [ $OUT = "c782da4173898f57033a0804b8e96fc3" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "827eef65a3cd71e2ce805bc1e05eac44" ] ; then echo "error" ; exit 1 ; fi
 
 # file from local directory with lang=fr and markdown MIME type
 OUT=$(printf "gemini://perso.pw/file.md\r\n" | ../vger -d var/gemini/ -l fr | tee /dev/stderr | MD5)
-if ! [ $OUT = "e663f17730d5ddc24010c14a238e1e78" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "09c82ffe243ce3b3cfb04c2bc4a91acb" ] ; then echo "error" ; exit 1 ; fi
 
 # file from local directory with lang=fr and unknown MIME type (default to application/octet-stream)
 OUT=$(printf "gemini://perso.pw/foobar.unknown\r\n" | ../vger -d var/gemini/ -l fr | tee /dev/stderr | MD5)
-if ! [ $OUT = "a23b0053d759863a45da4afbffd847d2" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "2c73bfb33dd2d12be322ebb85e03c015" ] ; then echo "error" ; exit 1 ; fi
 
 # file from local directory and unknown MIME type, default forced to text/plain
 OUT=$(printf "gemini://perso.pw/foobar.unknown\r\n" | ../vger -d var/gemini/ -m text/plain | tee /dev/stderr | MD5)
-if ! [ $OUT = "383a5a5ddb7bb30e3553ecb666378ebc" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "8169f43fbb2032f4054b153c38fe61d6" ] ; then echo "error" ; exit 1 ; fi
 
 # redirect file
 OUT=$(printf "gemini://perso.pw/old_location\r\n" | ../vger -d var/gemini/ | tee /dev/stderr | MD5)
@@ -73,30 +73,26 @@ if ! [ $OUT = "e354a1a29ea8273faaf0cdc29c1d8583" ] ; then echo "error" ; exit 1
 
 # auto index in directory without index.gmi must redirect
 OUT=$(printf "gemini://host.name/autoidx\r\n" | ../vger -d var/gemini/ -i | tee /dev/stderr | MD5)
-if ! [ $OUT = "874f5e1af67eff6b93bedf8ac8033066" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "5742b21d465e377074408045a71656dc" ] ; then echo "error" ; exit 1 ; fi
 
 # auto index in directory
 OUT=$(printf "gemini://host.name/autoidx/\r\n" | ../vger -d var/gemini/ -i | tee /dev/stderr | MD5)
-if ! [ $OUT = "515bcb4ba5f8869360f53afe2841e044" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "2d4a82fea3f10ab3e123e9f9d5dd1fbc" ] ; then echo "error" ; exit 1 ; fi
 
 # cgi simple script
-OUT=$(printf "gemini://host.name/cgi-bin/test.cgi\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | MD5)
+OUT=$(printf "gemini://host.name/cgi-bin/test.cgi\r\n" | ../vger -d var/gemini/ -c var/gemini/cgi-bin | tee /dev/stderr | MD5)
 if ! [ $OUT = "666e48200f90018b5e96c2cf974882dc" ] ; then echo "error" ; exit 1 ; fi
 
 # cgi with use of variables
-OUT=$(printf "gemini://host.name/cgi-bin/who.cgi?user=jean-mi\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | MD5)
+OUT=$(printf "gemini://host.name/cgi-bin/who.cgi?user=jean-mi\r\n" | ../vger -d var/gemini/ -c var/gemini/cgi-bin | tee /dev/stderr | MD5)
 if ! [ $OUT = "fa065a67d1f7c973501d4a9e3ca2ea57" ] ; then echo "error" ; exit 1 ; fi
 
 # cgi with error
-OUT=$(printf "gemini://host.name/cgi-bin/nope\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | MD5)
-if ! [ $OUT = "4156170c2aa8a6a8a0892ff5a61bf5f5" ] ; then echo "error" ; exit 1 ; fi
-
-# remove ?.* if any
-OUT=$(printf "gemini://host.name/main.gmi?anything-here\r\n" | ../vger -d var/gemini/ | tee /dev/stderr | MD5)
-if ! [ $OUT = "c7e352d6aae4ee7e7604548f7874fb9d" ] ; then echo "error" ; exit 1 ; fi
+OUT=$(printf "gemini://host.name/cgi-bin/nope\r\n" | ../vger -d var/gemini/ -c var/gemini/cgi-bin | tee /dev/stderr | MD5)
+if ! [ $OUT = "74ba4b36dcebec9ce9dae33033f3378a" ] ; then echo "error" ; exit 1 ; fi
 
 # virtualhost + cgi
-OUT=$(printf "gemini://perso.pw/cgi-bin/test.cgi\r\n" | ../vger -v -d var/gemini/ -c perso.pw/cgi-bin | tee /dev/stderr | MD5)
+OUT=$(printf "gemini://perso.pw/cgi-bin/test.cgi\r\n" | ../vger -v -d var/gemini/ -c var/gemini/perso.pw/cgi-bin | tee /dev/stderr | MD5)
 if ! [ $OUT = "666e48200f90018b5e96c2cf974882dc" ] ; then echo "error" ; exit 1 ; fi
 
 # percent-decoding

utils.c

@@ -8,18 +8,24 @@
 
 #include "utils.h"
 
-#ifdef __OpenBSD__
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined( __NetBSD__) || defined(__DragonFly__)
 #include <string.h>
 #else
 #include <bsd/string.h>
 #endif
 
+/* e*foo() functions are the equivalent of foo() but handle errors.
+ * In case an error happens:
+ * The error is printed to stdout
+ * return 1
+ */
+
 #ifdef __OpenBSD__
 void
 eunveil(const char *path, const char *permissions)
 {
 	if (unveil(path, permissions) == -1) {
-		syslog(LOG_DAEMON, "unveil on %s failed", path);
+		syslog(LOG_ERR, "unveil on %s failed", path);
 		err(1, "unveil on %s failed", path);
 	}
 }
@@ -28,7 +34,7 @@ void
 epledge(const char *promises, const char *execpromises)
 {
 	if (pledge(promises, execpromises) == -1) {
-		syslog(LOG_DAEMON, "pledge failed for: %s", promises);
+		syslog(LOG_ERR, "pledge failed for: %s", promises);
 		err(1, "pledge failed for: %s", promises);
 	}
 }
@@ -70,16 +76,19 @@ esetenv(const char *name, const char *value, int overwrite)
 	return ret;
 }
 
+/* send error in syslog, to stdout and die */
 void
 errlog(const char *format, ...)
 {
 	char e[1024] = {'\0'};
     va_list ap;
 
+    fflush(stdout); /* make sure older messages are printed */
+
     va_start(ap, format);
     vsnprintf(e, sizeof(e), format, ap);
     va_end(ap);
 
-	syslog(LOG_DAEMON, "%s", e);
+	syslog(LOG_ERR, "%s", e);
 	err(1, "%s", e);
 }

vger.8

@@ -44,17 +44,14 @@ will read the file /var/gemini/hostname.example/file.gmi
 .It Op Fl c
 Enable CGI support.
 .Ar cgi_path
-will be executed as a cgi script instead of returning its content.
-This path is relative to the directory set with
-.Fl d
-flag. If using virtualhost, you must insert the virtualhost directory in the cgi path.
+files will be executed as a cgi script instead of returning their content.
+.Ar cgi_path must not end with '/'.
+If using virtualhost, you must insert the virtualhost directory in the cgi path.
 As example, for a request gemini://hostname.example/cgi-bin/hello.cgi, one must set:
 .Bd -literal -offset indent
-vger -c /cgi-bin/hello.cgi
+vger -c /var/gemini/hostname.example/cgi-bin/hello.cgi
 .Ed
 .Pp
-Note you can define a directory instead of a single file.
-.Pp
 In this case,
 .Xr pledge 2
 promises and unveil permission are set to enable cgi execution.